EP2742710A1 - Procédé et appareil pour fournir un environnement virtuel sécurisé à un appareil mobile - Google Patents

Procédé et appareil pour fournir un environnement virtuel sécurisé à un appareil mobile

Info

Publication number
EP2742710A1
EP2742710A1 EP12751210.1A EP12751210A EP2742710A1 EP 2742710 A1 EP2742710 A1 EP 2742710A1 EP 12751210 A EP12751210 A EP 12751210A EP 2742710 A1 EP2742710 A1 EP 2742710A1
Authority
EP
European Patent Office
Prior art keywords
virtual environment
data
mobile device
secure
secure virtual
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP12751210.1A
Other languages
German (de)
English (en)
Other versions
EP2742710B1 (fr
Inventor
Charles C. Kelly
Joshua R. Davis
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of EP2742710A1 publication Critical patent/EP2742710A1/fr
Application granted granted Critical
Publication of EP2742710B1 publication Critical patent/EP2742710B1/fr
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/082Access security using revocation of authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/37Managing security policies for mobile devices or for controlling mobile applications

Definitions

  • the present invention relates generally to computing device system architecture and more particularly to methods and systems for providing a secure virtual environment on a mobile device.
  • the various aspects provide a secure virtual environment within a mobile device for processing documents and conducting secure activities.
  • the aspect methods create a secure application environment in which secure data and documents may be segregated from unsecured data on a mobile device using document encryption, allowing the application of security policies to only the secure application environment.
  • the creation of a secure application environment allows mobile device users to access and manipulate secure data on any mobile device, not just specifically designated secure devices, without having to secure all data on the mobile device, while providing the corporate entity with necessary document security.
  • the methods and devices of the various aspects provide for securing data on a mobile device by starting a secure application on the mobile device, using the secure application to encrypt any data manipulated using the secure application, and storing the data manipulated using the secure application in encrypted form on the mobile device.
  • FIGs. 1A through 1C are functional block diagrams of modules of a mobile device according to various aspects.
  • FIG. 2 is a communication system block diagram of a wireless network suitable for use with various embodiments.
  • FIG. 5 is a process flow diagram illustrating an aspect method for implementing a secure virtual environment on a mobile device.
  • FIGs. 7A and 7B are functional block diagrams of program elements of the secure virtual environment according to two aspects.
  • FIGs. 8A-C are system architecture diagrams of security approaches employing various aspects of a secure virtual environment.
  • FIGs. 9A-C are system architecture diagrams of security approaches employing various aspects of a secure virtual environment.
  • FIGs. 10A and 10B are block diagrams of a mobile device embodying aspects of a secure virtual environment.
  • FIG. 12 is a schematic diagram of potential elements of corporate policy which may be provisioned to a secure virtual environment on a mobile device.
  • FIG. 14 is a schematic diagram of a potential application received at a mobile device.
  • FIGs. 15 A and 15B are schematic diagrams of potential data received at a mobile device.
  • FIG. 16 is a process flow diagram of an aspect method for provisioning corporate policy to a mobile device.
  • FIG. 17 is a process flow diagram of an aspect method for updating trusted data types on a mobile device.
  • FIG. 18 is a process flow diagram illustrating the method for updating corporate policy to remove data types from a secure memory.
  • FIG. 19 is a process flow diagram of an aspect method for removing trusted applications from a mobile device after a corporate policy update.
  • FIGs. 20 A and 20B are process flow diagrams of aspect methods for conducting corporate events on a mobile device which may be directed through the secure environment application.
  • FIG. 21 is a process flow diagram of an aspect method for managing interactions between the user interface U/I display level, the secure virtual environment, and a network level.
  • FIG. 22 is a process flow diagram of an aspect method for enabling a secure virtual environment at mobile device startup.
  • FIG. 23 is a process flow diagram of an aspect method for granting access to trusted applications without repeated user log-ins to those applications.
  • FIG. 24 is a component diagram of an example mobile device suitable for use with the various embodiments.
  • the term "mobile device” refers to any one or all of cellular telephones, personal television receivers, personal data assistants (PDAs), palm-top computers, notebook computers, personal computers, wireless electronic mail receivers and cellular telephone receivers (e.g., the Blackberry ® and Treo ® devices), multimedia Internet enabled cellular telephones (e.g., Blackberry Storm ®), multimedia enabled smart phones (e.g., Android ® and Apple iPhone ®), and similar electronic devices that include a programmable processor, memory, a communication transceiver, and a display.
  • PDAs personal data assistants
  • Palm-top computers notebook computers
  • personal computers wireless electronic mail receivers and cellular telephone receivers
  • multimedia Internet enabled cellular telephones e.g., Blackberry Storm ®
  • multimedia enabled smart phones e.g., Android ® and Apple iPhone ®
  • similar electronic devices that include a programmable processor, memory, a communication transceiver, and a display.
  • corporate entity refers to any business, corporation, government, individual, or other entity which may desire to set security policy for a mobile device.
  • the various aspects provide a secure virtual environment within a mobile device for processing documents and conducting secure activities that secures documents enabling use of the devices for non-secure and personal uses.
  • the aspect methods create a secure application environment in which secure data and documents are segregated from unsecured data on a mobile device through encryption and controlled decryption, allowing the application of security policies to only the secure application environment.
  • the creation of a secure application environment allows mobile device users to access and manipulate secure data on any mobile device, not just specifically designated secure devices, without having to secure all data on the mobile device and while providing the corporate entity with necessary document security.
  • the methods and devices of the various aspects create a remotely- manageable secure virtual environment on a mobile device.
  • This secure virtual environment may be implemented as an application, as a module within another application (e.g., a word processing application), or as part of the device operating system on a mobile device.
  • the secure virtual environment When the secure virtual environment is started, the user authenticates himself or herself to the secure virtual environment, such as by entering a username, password, secure key, and/or biometric data. Once the user is authenticated, the secure virtual environment enables the user to access, manipulate, receive and store secure documents and data using a variety of applications operating within, or in conjunction with, the secure virtual environment.
  • the secure virtual environment segregates all data viewed, manipulated, or created in the secure virtual environment from all other data on the mobile device by applying
  • Secured data on the device is stored in encrypted format.
  • the secure virtual environment decrypts the data when viewed by the authenticated user in the secure virtual environment, such as when an application opens a secured document.
  • the secure virtual environment re-encrypts the data for storage on the mobile device.
  • secure and unsecure data may reside on the mobile device, because the secure data will be encrypted when not accessed, and such data may only be accessed via the secure virtual environment.
  • secure data is protected because it always resides in encrypted form when not in use.
  • the secure virtual environment may serve as a communication gateway between a mobile device and secure networks.
  • the secure virtual environment interfaces with any communication networks, domains, or applications to automatically provide the user's credentials to those networks, domains, or applications.
  • the gateway By serving as the gateway for secure access, the user need not log in separately to each network, domain, or application they wish to use.
  • This aspect enables users to access their secure company email and maintain secure email system data (e.g., message, calendars, contact lists, etc.) on their mobile device, since such data will be encrypted when the secure virtual environment is not running. Encrypted communications may be accomplished by another application, such as a virtual private network (VPN) application, or optionally, may also be provided by the secure virtual environment.
  • VPN virtual private network
  • the secure virtual environment may leverage a secure hardware zone within the processor of the mobile device.
  • Many mobile devices use processors that feature a secure hardware zone, often implemented as a segmented area of a chip set, that has specific security protocols or encryption applied to only that area.
  • the secure virtual environment may run exclusively in the secure hardware zone on the mobile device, and/or store data exclusively to a secure hardware zone.
  • the secure virtual environment may take advantage of and run within the application program interfaces (APIs), instructions, data segregations and other provisions of the secure hardware zone.
  • APIs application program interfaces
  • the secure virtual environment provides or enables an API/broker that allows software vendors to configure their programs, applications, or widgets to interface with the secure virtual environment.
  • This secure API/broker allows software vendors to create software that may be "trusted” by the secure virtual environment. This enables vendors to provide applications that allow users to enjoy the full functionality of any trusted programs within the secure virtual environment.
  • This secure interaction between multiple software applications allows networks to set security protocols regardless of the applications or the types of mobile devices on which the applications are run.
  • the secure virtual environment presents a secure virtual desktop when started.
  • This desktop may look and function like the standard desktop for the mobile device, but may only present the user with applications, and functions, enabled or supported by the security protocols applied by the security settings.
  • GUI graphical user interface
  • the user' s interaction with the mobile device is not altered, and the application of security protocols to the device is less burdensome to the user since they do not need to learn to navigate a new graphical user interface (GUI). Additionally, the user may switch back and forth between the secure virtual desktop and the standard desktop at will.
  • FIGs. 1A through 1C Example aspects of a mobile device configured to present a secure virtual environment are shown in FIGs. 1A through 1C.
  • FIG. 1 A illustrates an unsecure network 102 and a secure network 104 in communication with a mobile device 106.
  • communications between the mobile device 106 and each of the networks 102 and 104 may be by any known data communication link including wired local area networks (LAN), the Internet, cellular networks, Wi-Fi, GSM, and PCS to name just a few.
  • the mobile device 106 may be configured with a mobile device operating system 108 which provisions an unsecure desktop 110, to a user and a secure virtual environment 112 that operates inside the unsecure desktop 110.
  • Data from the unsecure network 102 flows between the unsecure network 102 and the unsecure desktop 110.
  • Data from the secure network 104 flows between the secure network 104 and the secure virtual environment 112.
  • the secure virtual environment 112 is created within the unsecure desktop 110 of the mobile device operating system 108, encrypted data from the secure network 104 may pass through the mobile device operating system 108 and the unsecure desktop 110 to arrive at the secure virtual environment 112. However, only the secure virtual environment 112 is capable of decrypting the data received from the secure network 104. Further, once manipulation of secure data is finished, the data is encrypted before being stored in a device memory. In this manner, data from the unsecure network 102 and the secure network 104 remain segregated via encryption.
  • the mobile device 106 may be configured with two memory portions; an unencrypted memory 114 and an encrypted memory 116.
  • the memory portions may be distinct portions of a single memory or may be separate physical memory devices.
  • the unencrypted memory 114 maybe in communication with the unsecure desktop 110.
  • the encrypted memory 116 maybe in communication with the secure virtual environment 112. In this manner data from the secure virtual environment 112 is only stored in the encrypted memory 116, and data from the unsecure desktop 110 is only stored in the unencrypted memory 114.
  • FIG. IB illustrates another aspect similar to FIG. 1A.
  • the mobile device 106 is in communication with only an unsecure network 102.
  • both secure and unsecure data may flow between the mobile device 106 and the unsecure network 102.
  • secure data may be encrypted and encapsulated in packets for delivery via the network using virtual private network (VPN) or similar technology in order to protect the secure data.
  • Data received by the mobile device 106 passes to the mobile device operating system 108 and the unsecure desktop 110.
  • Unsecure data may be sent and received unencrypted (even if it is encrypted by VPN during transmission), and therefore may be manipulated in the unsecure desktop 110.
  • the unsecure desktop 110 may both read and write data to the single memory 114 on the mobile device 106.
  • a decryption/encryption module 118 which only allows encrypted data to pass to the unsecure desktop 110.
  • the decryption/encryption module 118 may be a sub-application or program element of the secure virtual environment 112 that configured to encrypt and decrypt data.
  • the data encryption/decryption module 118 decrypts data entering the secure virtual environment 112 and encrypts data leaving the secure virtual environment 112.
  • the decryption/encryption module 118 thus serves as a gatekeeper, only allowing encrypted, and therefore secure, data to be saved by the secure virtual environment 112. Additionally, the decryption/encryption module 118 serves to encrypt all data leaving the secure virtual environment.
  • the encrypted data may enter the decryption/encryption module 118 from the unsecure desktop 110, where it is decrypted and passed to the secure virtual environment 112.
  • the secure virtual environment 112 may then manipulate the secure data, and pass the data back to the decryption/encryption module 118 to be encrypted before it leaves the secure virtual environment.
  • the encrypted data may be passed from the decryption/encryption module 118 to the unsecure desktop 110 to be stored in the unencrypted memory 114 or passed to the unsecure network 102.
  • secure and unsecure data may flow across an unsecure network 102 and be stored in unencrypted memory 114, because secure data will always be encrypted at the data level while not being manipulated in the secure virtual environment 112.
  • the constant encryption of the secure data outside the secure virtual environment 112 protects the data, regardless of the nature of the network or memory on the mobile device 106.
  • FIG. 1C illustrates an aspect in which the mobile device 106 has two operating systems, an unsecure operating system 108 and a secure operating system 120.
  • the unsecure operating system 108 may be in communication with an unsecure network 102 and an unencrypted memory 114.
  • the secure operating system 120 may be in communication with a secure virtual environment 112.
  • the secure virtual environment 1012 acts as a gatekeeper, ensuring only secure data enters and exits the secure operating system 120.
  • the secure virtual environment 112 may be in communication with a secure network 104, an encrypted memory 116, and the unsecure operating system 108.
  • the secure virtual environment 112 may transmit to or receive data from the secure network 104, and read data from and write data to the encrypted memory 116.
  • the secure virtual environment 112 may receive data from the unsecure operating system 108. Unsecure data maybe unencrypted and may only be manipulated by the unsecure operating system 108. Secure data, which is encrypted when received, may be received at the unsecure operating system 1008 via the unsecured network 1002. If encrypted data is received by the unsecure operating system 108, the unsecure operating system 108 may pass the encrypted data to the secure virtual environment 112. Secure data received via the secure network 104 in the secure virtual environment 112 may be stored in encrypted format. The secure virtual environment 112 decrypts the secure data received from the unsecure operating system 108, the encrypted memory, or the secure network 104 and passes the decrypted data to the secure operating system 120. The applications running within the secure operating system 120 may then manipulate the decrypted secure data.
  • Data from applications running within the secure operating system 120 may be passed to the secure virtual environment 112 to be encrypted before transmission to the secure network 104 or storage in the encrypted memory 116. In this manner, the secure virtual environment 112 ensures that outside the secure operating system 120 secure data is always encrypted.
  • FIG. 2 illustrates a wireless network system 200 suitable for use with the various aspects.
  • At least one mobile device 202 and a wireless transmitter/receiver 204 together make up a wireless data network 206.
  • data may be transmitted wirelessly between the mobile device 202 and the wireless cell tower or base station 204.
  • the transmissions between the mobile device 202 and wireless cell tower or base station 204 may be by any cellular networks, including Wi-Fi, CDMA, TDMA, GSM, PCS, G-3, G-4, LTE, or any other type connection.
  • the wireless network 206 is in communication with a router 208 which connects to the Internet 210.
  • data may be transmitted from/to the mobile device 202 via the wireless network 206, and router 208 over the Internet 210 to/from a server 212 by methods well known in the art.
  • the wireless network 206 and servers 212 may be secure or unsecure. While the various aspects are particularly useful with wireless networks, the aspects are not limited to wireless networks and may also be implemented over wired networks with no changes to the methods.
  • FIGs. 3A and 3B illustrate software architectures of the server and mobile device, respectively.
  • FIG. 3A illustrates a software architecture of a network 3000 well known in the art.
  • the software architecture of a network 3000 includes server level applications 3002, a client level 3004, middleware 3006, and a hardware layer 3008.
  • FIG. 3B illustrates a software architecture of a mobile device 3010 employing an aspect secure virtual environment.
  • the levels include an application level 3012, a client level 3014, a secure virtual environment 3020, middleware 3016, and a hardware layer 3018.
  • FIGs. 4A-4B illustrate different embodiment mobile device memory structures that may be used in various aspects.
  • FIG. 4A illustrates an embodiment including a single unencrypted memory 4000 on a mobile device.
  • unsecure data 4002 and secure data 4004 may be stored in the same unencrypted memory 4000.
  • Secure data 4004 is protected by being encrypted at the data level. Thus, though the total contents of the unencrypted memory 4000 may be accessed without security or encryption, the secure data 4004 will remain protected by its independent encryption.
  • FIG. 4B illustrates an embodiment mobile device memory having two parts, an unencrypted memory 4000 and an encrypted memory 4006.
  • the mobile device memory may be a single physical memory segregated into an unencrypted memory portion 4000 and an encrypted memory portion 4006, or may be two independent memory structures.
  • secure data 4004 is encrypted at the data level before being sent to the encrypted memory 4006, but is further protected because the encrypted memory 4006 further encrypts the secure data 4004. Only secure data 4004 is sent to the encrypted memory 4006.
  • the unsecure data 4002 resides in the unencrypted memory 4000, and neither the unsecure data 4002 nor the unencrypted memory 4000 may be subject to encryption.
  • a dual layer of security is provided to the secure data 4004. If the first layer of encryption provided by the encrypted memory 4006 is compromised, the individual data elements that are the secure data 4004 may be also independently encrypted providing a second layer of security.
  • FIG. 5 illustrates an embodiment 5000 for implementing a secure virtual environment on a mobile device.
  • This method 5000 may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • the mobile device may receive a user request for activation of the secure virtual environment. This user input may be in the form of a user touching or clicking on an icon on the mobile device desktop, a drop down menu, or via any other selection method.
  • the processor implementing the secure virtual environment prompts the user to provide authentication inputs. In the operation the user may be prompted to provide a variety of authentication inputs, including user ID, password, biometric data, secure key, or any combination thereof.
  • the processor receives the user requested authentication information.
  • the secure virtual environment grants access to the user.
  • the secure virtual environment enables those applications considered by the corporate protocol or user settings to be trusted applications.
  • the user may be presented with a user interface displaying only trusted applications.
  • the user is allowed to only access trusted data with the trusted applications via the secure virtual environment.
  • trusted data accessed in the secure virtual environment may be decrypted from its storage state.
  • the user views and manipulates the trusted data with one or more trusted applications.
  • the trusted data may be encrypted by the secure virtual environment before being transmitted or stored. In this way, secure data may not be in unencrypted form outside the confines of the secure virtual environment.
  • the mobile device may receive a user request to exit the secure virtual environment. This user input may be in the form of a user touching or clicking on an icon on the mobile device desktop, a drop down menu, or via any other selection method.
  • the processor may be configured to automatically exit the secure environment in response to certain defined conditions, such as inactivity (e.g., no user inputs received within a threshold duration), the device entering a sleep mode, the device entering or exiting a defined geographic boundary (as may be determined by GPS or cell tower ID), the device experiencing damage (e.g., an acceleration exceeding a threshold value) or physical modification (e.g., breaking of a tamper seal), or other indications of an event warranting protection of secure data.
  • certain defined conditions such as inactivity (e.g., no user inputs received within a threshold duration), the device entering a sleep mode, the device entering or exiting a defined geographic boundary (as may be determined by GPS or cell tower ID), the device experiencing damage (e.g., an acceleration exceeding a threshold value) or physical modification (e.g., breaking of a tamper seal), or other indications of an event warranting protection of secure data.
  • inactivity e.g., no user inputs received within a threshold duration
  • the processor implementing the secure virtual environment receives the user request to exit the secure virtual environment, the processor encrypts any open secured data and closes the secure virtual environment.
  • a user may be presented with a user interface with all applications except those unique to the secure virtual environment.
  • the user may be allowed to access un-trusted data with the mobile device.
  • FIGs. 6A and 6B illustrate an embodiment 6000a and 6000b for interacting with data received at a mobile device using a secure virtual environment.
  • Methods 6000a and 6000b may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • data may be received at the mobile device, such as via a wireless or wired communication link.
  • the secure virtual environment may be started.
  • the secure virtual environment may apply corporate policy and/or user settings and determine if the data type is allowed.
  • the secure virtual environment decrypts the data.
  • an application may be selected to manipulate the data.
  • the application selected may be a trusted application specifically authorized to operate in the secure virtual environment.
  • the selection of the application at block 6012 may be independently made by the processor of the mobile device, made by the processor in response to a received user input to the mobile device, or by some combination of the two.
  • the secure virtual environment encrypts the manipulated data, and at block 6016 the manipulated data may be stored on the mobile device.
  • the secure data By encrypting the data at block 6014 no data is allowed outside the secure virtual environment in an unencrypted form. In the event the secure data is only viewed and is not indicated for saving (e.g., by a user input or a document policy included in the data), the secure data may just be deleted from memory in which case operations at blocks 6014 and 6016 would not be performed.
  • FIG. 6B illustrates an alternative embodiment 6000b for interacting with data received at a mobile device using a secure virtual environment.
  • This method 6000b may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • the method 6000b further employs data headers to identify data as being secure.
  • data may be received at the mobile device as discussed above.
  • the secure virtual environment may be started at block 6006.
  • the encrypted data may be manipulated in any manner available to the mobile device outside of the secure virtual environment, and any errors related to the manipulation of encrypted data may addressed by standard error handling mechanisms outside the secure virtual
  • the secure virtual environment may decrypt the data header at block 6026.
  • the now decrypted data header may be read, and information about the trusted status of the data may be determined by the secure virtual environment.
  • the data may be manipulated with a standard application.
  • the encrypted data may be manipulated in any manner available to the mobile device outside of the secure virtual environment, and any errors related to the manipulation of encrypted data may addressed by standard error handling mechanisms outside the secure virtual environment.
  • the secure virtual environment may decrypt the data.
  • an application may be selected to manipulate the trusted and decrypted data.
  • the application selected may be a trusted application specifically authorized to operate in the secure virtual environment.
  • the selection of the application at block 6012 may be independently made by the processor of a mobile device, made by the processor in response to a received user input to the mobile device, or by some combination of the two.
  • the secure virtual environment may encrypt the manipulated data, and at block 6016 the manipulated data may be stored on the mobile device.
  • no data may be allowed outside the secure virtual environment in an unencrypted form. Again, if no secure data is to be saved o the device, the operations of blocks 6014 and 6016 may not be performed.
  • a data header may be unencrypted, while the rest of the data packet may be encrypted.
  • the processor may determine whether the packet contains any encrypted data. If any encrypted data is present, then the data may be passed to the secure virtual environment for display and manipulation.
  • FIGs. 7A and 7B illustrate software architecture elements and processing modules of two embodiments of the secure virtual environment 7000a and 7000b.
  • FIG. 7A illustrates a secure virtual environment 7000a embodiment containing a security policy module 7002, a secure key/password provisioning module 7004, a trusted data interrogation module 7006, an encryption/decryption module 7008, a security and storage management module 7010, a virtual private network (VPN) client module 7012, a secure virtual environment access authentication module 7014, and a secure API/broker module 7016.
  • Each of the modules 7002-7016 may be applications, functional modules within an application, an API, or an interface to another application (e.g., a VPN client).
  • the security policy module 7002 is a module containing or defining the overarching policy implemented by the secure virtual environment 7000a to protect data on a mobile device.
  • the security policy module 7002 may include a list of allowed file types, data save restrictions, network access restrictions, application restrictions, and any other policy settings which may be necessary to protect secure data on a mobile device.
  • the secure key/password provisioning module 7004 may allow the secure virtual environment 7000a to provide secure keys and passwords automatically to secure applications and to secure networks. In this manner, once the user has logged onto and been authenticated by the secure virtual environment 7000a, a user may not need to log-in or provide keys or passwords to other secure applications or networks accessed with the secure virtual environment. This is because the secure key/password provisioning module 7004 may automatically provide the needed authentication information.
  • the trusted data interrogation module 7006 may provide the secure virtual environment 7000a with the ability to interrogate data received to determine if the data is trusted data.
  • the encryption/decryption module 7008 may decrypt data received by the secure virtual environment 7000a, and may encrypt data transmitted or stored by the secure virtual environment 7000a.
  • the secure API/broker module 7016 may allow trusted applications to be added to the secure virtual environment 7000a if allowed by the security policy module 7002.
  • FIG. 7B shows an embodiment with the same elements as described above with reference to FIG. 7 A, with the addition of a policy manager API/broker module 7018.
  • the policy manager API/broker module 7018 may allow updates and revisions to the security policy module 7002 to be received by the secure virtual environment 7000b. This embodiment may enable a corporate entity to update or change the security policy on a mobile device remotely without having to have direct physical access to the mobile device.
  • secure virtual environment may be provided on a mobile device with multiple operating systems or a single operating system.
  • FIGs. 9A-C illustrate alternative embodiments of a secure virtual environment in which a mobile device is provided with two operating systems, a secure operating system and an unsecure operating system.
  • FIGs. lOA-C illustrate alternative embodiments of a secure virtual environment in which a mobile device is provided with a single operating system.
  • FIGs. 8A-C illustrate alternative embodiments of a secure virtual environment in which a mobile device is provided with a secure operating system and an unsecure operating system.
  • the overall system architecture 9000a includes three areas; a non-secure area 9002, a secure area 9004, and a key architecture 9006.
  • the non-secure area 9002 represents unprotected areas in which security protocols are not applied.
  • the secure area 9004 represents protected areas in which security protocols are applied.
  • the key architecture 9006 represents the areas in which mobile device security keys operate.
  • the software levels of the system 9000a may be broken down into a client level 9012, a secure virtual environment 9014, a middleware level 9016, and a hardware level 9018.
  • Client level 9012 software includes mobile, or standard, applications 9022 and trusted mobile applications 9024, also called simply trusted applications.
  • Trusted mobile applications 9024 may be applications specifically provided by the corporate entity that are identified as meeting security requirements and authorized to handle corporate entity data and to operate on the corporate entity's networks and equipment.
  • Trusted mobile applications 9024 may be specific applications designed for the corporate entity or public applications that the corporate entity has previously established as meeting security requirements and operability requirements.
  • the secure virtual area 9014 may be a software level or run time environment established on a mobile device.
  • the secure virtual area 9014 may be established using a single application or a group of applications.
  • the secure virtual environment 9014 may contain a secure API/broker 9026 which acts as a gate keeper for the secure virtual environment 9014 and controls the operation of data and mobile applications 9022 received from the non-secure area 9002.
  • the secure API/broker 9026 may allow application designers to create mobile applications 9022 that can operate in the secure virtual environment 9014. In this manner, application designers need not interact with the corporate entity directly to produce applications, and provide applications to mobile devices. An application designer may create a mobile application 9022 which meets the security requirements of the secure virtual environment 9014 independent of the corporate entity.
  • a mobile device user may attempt to download or access the mobile application 9022 stored in a non-secure area.
  • the secure API/broker 9026 may determine if the mobile application 9022 meets the security and operability requirements for the specific secure virtual environment 9014 established on the mobile device. Should the mobile application 9022 meet the security and operability requirements the mobile application 9022 may be allowed to operate in the secure virtual environment 9014 and be provided to the trusted mobile application environment 9028.
  • the trusted mobile application environment 9028 may be an area of the secure virtual environment 9014, including a GUI, in which the authorized applications operate. Should the mobile application 9022 not meet the requirements of the secure API/broker 9026, the mobile application 9022 may not be allowed to interact further with the secure virtual environment 9014.
  • the secure virtual environment may include a security and storage management system 9030 which interacts with the trusted mobile application environment 9028 and the key management system 9034 to provide necessary security and storage capability.
  • An unsecure operating system 9032 may be provided on the mobile device in a nonsecure area 9002 and a non-secure memory 9036 may be provided in a non-secure area 9002.
  • a mobile application 9022 which does not meet the requirements of the secure API/broker 9026 may only operate in the unsecure operating system 9032 and may only write or read data to the non-secure memory 9036.
  • a secure operating system 9044 Provided in the secure area 9004 of the mobile device may be a secure operating system 9044 and a secure memory 9038.
  • Trusted mobile applications 9024 may be provided to the trusted mobile application environment 9028.
  • Trusted mobile applications 9024, or mobile applications 9022 which meet the requirements of the secure API/broker 9026 may be provided to the secure operating system 9044 through the trusted mobile application environment 9028. Only applications in the trusted mobile application environment 9028 interact with the secure operating system 9044 and the secure memory 9038.
  • the non-secure memory 9036, the secure memory 9038 and the key provisioning system 9040 reside at the hardware level 9018.
  • FIG. 8B illustrates another embodiment system architecture 9000b that is similar to those described above with reference to FIG. 8A, with the addition of a policy manager API/broker 9042 in the secure virtual environment.
  • the policy manager API/broker 9042 may be in communication with the security and storage management system 9030 and the trusted mobile application environment 9028. Through either the trusted mobile application environment 9028, or the security and storage management system 9030, the policy manager API/broker 9042 may receive corporate policy updates from the corporate entity.
  • the policy manager API/broker 9042 may enable the corporate entity to update security protocols, update operating restrictions, and perform various functions in the secure virtual environment 9014 and the secure area 9004 of the mobile device.
  • the policy manager API/broker 9042 gives the corporate entity the ability to remotely update and control the secure virtual environment 9014 and secure area 9004 of the mobile device.
  • FIG. 8C illustrates another embodiment architecture 9000c that includes modules similar to those described above with respect to FIG. 8B, including the policy manger API/broker 9042, but with a single memory 9036 on the mobile device.
  • the secure operating system 9044 and the unsecure operating system 9032 both store and read data on the non-secure memory 9036.
  • Data in the secure virtual environment 9014 may be stored in an encrypted form when not in use by the trusted mobile application environment 9028.
  • the continual application of encryption at the data level by the secure virtual environment 9014 ensures that secure data may be stored in a non-secure memory 9036 because the secure data itself will be encrypted at the data level.
  • FIGs. 9A-C illustrate alternative embodiments of a secure virtual environment in which a mobile device is configured with a single operating system.
  • the overall system architecture 1000a may include three areas; a non-secure area 1002, a secure area 1004, and a key architecture 1006.
  • the non-secure area 1002 represents unprotected areas in which security protocols are not applied.
  • the secure area 1004 represents protected areas in which security protocols are applied.
  • the key architecture 1006 represents the areas in which mobile device security keys operate.
  • the software levels of the system 1000a may be broken down into a client level 1012, a secure virtual environment 1014, a middleware level 1016, and a hardware level 1018.
  • the client level 1012 software includes mobile, or standard, applications 1022 and trusted mobile applications 1024, also called simply trusted applications.
  • Trusted mobile applications 1024 may be applications specifically provided by the corporate entity that may be identified as meeting security requirements and authorized to handle corporate entity data and to operate on the corporate entity's networks and equipment.
  • Trusted mobile applications 1024 may be specific applications designed for the corporate entity or public applications that the corporate entity has previously established as meeting security requirements and operability requirements.
  • the secure virtual area 1014 may be a software level or run time environment established on a mobile device.
  • the secure virtual area 1014 may be established using a single application or a group of applications.
  • the secure virtual environment 1014 may contain a secure API/broker 1026 which acts as a gate keeper for the secure virtual environment 1014 and controls the operation of data and mobile applications 1022 received from the non-secure area 1002.
  • the secure API/broker 1026 may allow application designers to create mobile applications 1022 that can operate in the secure virtual environment 1014. In this manner, application designers need not interact with the corporate entity directly to produce applications, and provide applications to mobile devices. An application designer may create a mobile application 1022 which meets the security requirements of the secure virtual environment 1014 independent of the corporate entity.
  • a mobile device user may attempt to download or access the mobile application 1022 stored in a non-secure area.
  • the secure API/broker 1026 may determine if the mobile application 1022 meets the security and operability requirements for the specific secure virtual environment 1014 established on the mobile device. Should the mobile application 1022 meet the security and operability requirements the mobile application 1022 may be allowed to operate in the secure virtual environment 1014 and be provided to the trusted mobile application environment 1028.
  • the trusted mobile application environment 1028 may be an area of the secure virtual environment 1014, including a GUI, in which the authorized applications operate. Should the mobile application 1022 not meet the requirements of the secure API/broker 1026, the mobile application 1022 may not be allowed to interact further with the secure virtual environment 1014.
  • the secure virtual environment may include a security and storage management system 1030 which interacts with the trusted mobile application environment 1028 and the key management system 1034 to provide necessary security and storage capability.
  • An operating system 1032 may be provided on the mobile device in both a non-secure area 1002 and a secure area 1004.
  • the single operating system 1032 interacts with the secure virtual environment 1032 through the trusted mobile application environment 1028 and mobile applications 1022 in a non-secure area 1002.
  • the operating system 1032 may be configured such that a mobile application 1022 which does not meet the requirements of the secure API/broker 1026 may only function in a non-secure area 1002 of the operating system 1032 and may only write or read data to the non-secure memory 1036.
  • the operating system 1032 may also operate in the secure area 1004 of the mobile device and read and write data to a secure memory 1038.
  • Trusted mobile applications 1024 may be provided to the trusted mobile application environment 1028.
  • Either trusted mobile applications 1024, or mobile applications 1022 which meet the requirements of the secure API/broker 1026, may be provided to the operating system 1044 through the trusted mobile application environment 1028. Only applications in the trusted mobile application environment 1028 interact with the secure memory 1038 through the operating system 1032.
  • the non-secure memory 1036, the secure memory 1038 and the key provisioning system 1040 reside at the hardware level 1018.
  • FIG. 9B illustrates another embodiment system architecture 1000b that includes modules similar to those described above with reference to FIG. 9A, with the addition of a policy manager API/broker 1042 in the secure virtual environment.
  • the policy manager API/broker 1042 may be in communication with the security and storage management system 1030 and the trusted mobile application environment 1028. Through either the trusted mobile application environment 1028, or the security and storage management system 1030, the policy manager API/broker 1042 may receive corporate policy updates from the corporate entity.
  • the policy manager API/broker 1042 may enable the corporate entity to update security protocols, update operating restrictions, and perform various functions in the secure virtual environment 1014 and the secure area 1004 of the mobile device.
  • the policy manager API/broker 1042 gives the corporate entity the ability to remotely update and control the secure virtual environment 1014 and secure area 1004 of the mobile device.
  • FIG. 9C illustrates another embodiment of the system architecture 1000c that includes modules similar to those described above with respect to FIG. 9B, but with a single memory 1036 on the mobile device. Additionally, in this aspect the operating system 1032 resides entirely in the non-secure area 1002. In this embodiment data from the trusted mobile application environment 1028 and all other data passes to a single non-secure memory 1036. All data in the secure virtual environment 1014 may be stored in an encrypted form when not in use by the trusted mobile application environment 1028. The continual application of encryption at the data level by the secure virtual environment 1014 ensures that secure data may be stored in a non-secure memory 1036 because the secure data itself will be encrypted at the data level.
  • FIGs. 10A and 10B illustrate example displays of a mobile device 1100 embodying aspects of the secure virtual environment.
  • FIG. 10A illustrates a mobile device 1100 display operating in a non-secure mode.
  • the mobile device 1100 display includes a status bar 1102 and a touch screen 1104.
  • the touch screen 1104 shows a desktop configured to display icons 1106-1128 representing available mobile applications 1106, 1108, 1110, 1112, 1114, 1116, 1118, 1120, 1122, 1124, 1126, and 1128 available in the non-secure mode.
  • an icon for the secure virtual environment 1130 is shown at the bottom of the touch screen 1104. Selection of the secure virtual environment icon 1130 by a user may be configured to start the secure virtual environment. In the secure virtual environment only trusted mobile applications may be provisioned to the user.
  • FIG. 10B illustrates an embodiment display of the mobile device 1100 while operating in a secure virtual environment mode.
  • the touch screen 1104 includes a banner 1132 indicating the mobile device is operating in the secure virtual environment.
  • the touch screen 1104 also only displays icons for trusted mobile applications 1134, 1128, 1136, 1138, 1124, and 1120 which may be authorized to operate in the secure virtual environment.
  • An EXIT secure virtual environment icon 1140 appears at the bottom of the touch screen 1104 and may be linked to functionality allowing the user to exit the secure virtual environment.
  • the e-mail application 1124 and calendar application 1120 are illustrated as being present in both the non-secure (FIG. 10A) and secure environments (FIG. 10B).
  • FIGs. 11 A and 1 IB illustrate an example of a mobile device 1200 embodying aspects of the secure virtual environment.
  • FIG. 11A illustrates a mobile device 1200 operating in a non-secure mode.
  • the mobile device 1200 display includes a status bar 1202 and a touch screen 1204.
  • the touch screen 1204 shows a desktop configured to display icons 1206-1228 representing available mobile applications 1206, 1208, 1210, 1212, 1214, 1216, 1218, 1220, 1222, 1224, 1226, and 1228 available in the non-secure mode.
  • an icon for activating the secure virtual environment 1230 is shown at the bottom of the touch screen 1204. Selection of the secure virtual environment icon 1230 by a user starts the secure virtual environment.
  • FIG. 1 IB illustrates an embodiment display of the mobile device 1200 operating in a secure virtual environment mode.
  • the touch screen 1204 includes a banner 1232 indicating the mobile device is operating in the secure virtual environment.
  • the display 1204 also only displays icons for trusted mobile applications 1234, 1236, and 1238.
  • An EXIT secure virtual environment icon 1240 appears at the bottom of the display 1204 and may be linked to functionality to enable the user to exit the secure virtual environment. Illustrated in the touch screen 1204 in FIG. 11 A and in FIG. 1 IB, in one aspect applications on the mobile device available in the secure virtual environment may be distinct from the applications available in the non-secure mode.
  • a client e-mail application 1236 may be a unique application separate from the e-mail application 1224 shown in FIG. 11 A. In this aspect both a secure operating environment and specifically designed secure client applications may be presented to the mobile device 1204 in FIG. 11B.
  • FIG. 12 is a schematic diagram of potential elements of a corporate security policy 1300 which may be provisioned to a secure virtual environment on a mobile device.
  • the corporate security policy 1302 may include designations of allowed file types 1304, password requirements 1306, user level restrictions 1308, designations of specific allowed applications 1310, data manipulation restrictions 1312, lockout settings 1314, data storage/transfer restrictions 1316, and data deletion schemes 1318.
  • Policies associated with allowed file types 1304 may be any security or operation controls set on the mobile device related to file type. These may include designating a file type (such as a .jpg) as allowed to operate in the secure virtual environment, while preventing other file types (such as .exe) from being imported into the secure virtual environment.
  • a file type such as a .jpg
  • other file types such as .exe
  • Policies related to allowed applications 1310 may include policies directed to any aspect of applications operating on or with the mobile device and/or the secure virtual environment. Policies related to allowed applications may include policies preventing the downloading of certain applications or application types, including the prevention of the download or use of trusted applications.
  • Policies related to data manipulation restrictions 1312 may include security or operation policy controlling any aspect of data manipulation.
  • the policies related to data manipulation 1312 may include policy preventing the opening of data types or applications within certain applications, or other data manipulation restrictions.
  • Policies related to lockout settings 1314 may regulate lockout settings 1314 such as how long after the mobile device is detected as being idle that secure virtual environment may be closed, or how many incorrect log in attempts to the secure virtual environment may be allowed before the secure virtual environment may be permanently locked to access. Also, as discussed above, policies may also indentify conditions or events which should trigger automatic termination of the secure virtual environment and encryption or deletion of all secure data.
  • Policies related to data storage/transfer restrictions 1316 may include any policy related to handling or transfer of data, including preventing files from being saved in the secure virtual environment or restricting transfers of data between mobile devices.
  • Policies related to a data deletion scheme 1318 may include policies defining when data should be automatically deleted from the mobile device, or settings for the secure virtual environment that causes the secure virtual environment to delete all data of a certain age stored in a secure memory after a set period of time.
  • FIG. 13 illustrates an embodiment method 1400 for sorting received mobile applications on a mobile device employing a secure virtual environment.
  • the method 1400 may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • an application may be received at the mobile device.
  • the application may be received from a secure or non-secure network connection.
  • the secure API/broker may interrogate the received application.
  • FIG. 14 is a schematic diagram of a potential application 1500 received at a mobile device.
  • the application 1500 may include an application header 1502 which includes a trusted ID 1504.
  • the trusted ID 1504 may serve as the credentials for identifying that the application 1500 is capable, and potentially allowed, to operate in the secure virtual environment.
  • the application code 1506 may be separated from the application header 1502. In this manner an application header 1502 may be read without requiring the actual application code 1506 to be manipulated.
  • a mobile device employing a secure API/broker may read the header of the application, and the secure API/broker may determine if the application 1500 is trusted by analyzing the trusted ID 1504. Additionally, the trusted ID 1504 or other information from the application header 1502 may be used by a secure API/broker to determine if an application may be allowed by the current corporate policy.
  • FIGs. 15 A and 15B illustrate two embodiment data structures 1600a and 1600b.
  • FIG. 15 A shows data 1600a which is composed of an unencrypted data header 1602 which includes a trusted ID 1604.
  • the data structure 1600a may be identified as trusted by the trusted ID 1604 without any decryption being necessary, because the unencrypted data header 1602 may be read by any application, with or without
  • FIG. 15B illustrates an embodiment data structure 1600b similar to that described above with reference to FIG. 15 A, except that data structure 1600b has an encrypted data header 1610.
  • the encrypted data header 1610 includes a trusted ID 1604 that serves as a credential for identifying that the data 1600b is capable of and potentially allowed to operate in the secure virtual environment.
  • the encrypted data header 1610 provides an extra layer of security, ensuring the entirety of the data 1600b may be encrypted and protected at the data level.
  • FIG. 16 illustrates an embodiment method 1700 for provisioning corporate policies in a mobile device.
  • This method 1700 may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • a corporate policy update may be received at the mobile device.
  • the corporate policy update may update various aspects of the security policies applied on the mobile device including; allowed file types; password requirements; user level restrictions; allowed applications; data manipulation restrictions; lockout settings; data storage/transfer restrictions; and data deletion schemes.
  • the corporate policy update may be received over a secure or non- secure network.
  • the secure virtual environment may be updated to apply the corporate policies received a block 1702.
  • the allowed trusted application list may be updated.
  • the allowed trusted application list may be a list or table of trusted applications that may be allowed by the corporate policy to operate in the secure virtual environment established on the mobile device.
  • the mobile device unsecured memory may be scanned for trusted applications. This scan may be executed by the secure virtual environment or by other aspects of the mobile device.
  • data associated with any trusted applications moved to a secure memory of the mobile device may be also moved to the secure memory at block 1718.
  • FIG. 17 illustrates an embodiment method 1800 for updating trusted data types on a mobile device.
  • This method 1800 may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • a corporate policy update may be received at the mobile device.
  • the corporate policy update includes an update of the allowed trusted data types.
  • the corporate policy update may be received over a secure or non-secure network.
  • the unsecured memory may be scanned for trusted data types. This may be executed by the secure virtual environment or by other aspects of the mobile device.
  • FIG. 18 illustrates an embodiment method 1900 for updating corporate policy to remove data types from a secure memory.
  • This method 1900 may be may be implemented within a processor of a mobile device by configuring the processor with suitable processor- executable instructions to perform the operations of the method.
  • a corporate policy update may be received at the mobile device.
  • the corporate policy update includes an update of the allowed trusted data types.
  • the corporate policy update may be received over a secure or non-secure network.
  • the secure virtual environment may be updated to apply the updated corporate policy.
  • an allowed trusted data type may be updated with the updated corporate policy. This may include updating a list or table of allowed trusted data types that may function in the secure virtual environment. In this embodiment the allowed trusted data types table may be updated by removing previously allowed trusted data types. These now un-allowed data types are no longer authorized in the secure virtual environment by the policy of the corporate entity.
  • a secure memory may be scanned for un-allowed data types.
  • the scanning may be conducted by the secure virtual environment or other aspects of the mobile device.
  • the secure virtual environment may generate a deletion report. This deletion report may be sent to the corporate entity or stored on the mobile device.
  • a deletion report may include information as to the types of data deleted, the number or size of data deleted, the date and time of deletion, and other information related to the deletion of data.
  • FIG. 19 illustrates an embodiment method 2000 for removing trusted applications from a mobile device after a corporate policy update. This method 2000 may be
  • a corporate policy update may be received at the mobile device.
  • the corporate policy update may be received over a secure or non- secure network.
  • the corporate policy update includes an update of the allowed trusted applications.
  • a secure memory may be scanned for un-allowed trusted applications.
  • the scanning may be conducted by the secure virtual environment or other aspects of the mobile device.
  • FIGs. 20A-B illustrate alternative embodiment methods 2100a and 2100b for conducting corporate events on a mobile device which may be directed through the secure virtual environment.
  • FIG. 20A illustrates an embodiment 2100a for conducting the corporate event of provisioning a catalog command to a mobile device.
  • Catalog commands may direct the secure virtual environment to catalog items on the mobile device.
  • an E- Discovery request may require the corporate entity to provide information about a mobile device.
  • the corporate entity may use a corporate event, for example a catalog command.
  • This method 2100a may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • a corporate entity catalog command may be received by the secure virtual environment.
  • the processor implementing the secure virtual environment may catalog all the applications and data residing in the secure memory and/or associated with the secure virtual environment.
  • the processor implementing the secure virtual environment may generate a catalog report which may be sent to the corporate entity.
  • the catalog report may include information about the nature of the data in the secure virtual memory and/or associated with the secure virtual environment.
  • the catalog report may be sent via a secure or unsecure network.
  • the secure virtual environment may be locked in block 2108.
  • the locking of the secure virtual environment may occur as a result of instructions contained in the corporate catalog command.
  • the corporate entity may have the phone locked in order to preserve data in relation to the E-Discovery request.
  • the contents of any secure memory on the mobile device may be copied by the processor implementing the secure virtual environment and sent to the corporate entity in response to the catalog command.
  • FIG. 20B illustrates an embodiment method 2100b for conducting the corporate event of securing a mobile device after a mobile device is reported stolen, sold, or an employee is terminated. If a mobile device is reported to the corporate entity as stolen, the mobile device is sold, or the employee is terminated, the corporate entity may desire to ensure the protection of corporate data on the mobile device.
  • These three scenarios represent common situations in which corporate data needs to be removed from a mobile device, though any situation in which data is to be removed might employ the method 2100b.
  • This method 2100b may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • the processor implementing the secure virtual environment may receive a corporate delete command.
  • the processor implementing the secure virtual environment may erase all secure data on the mobile device.
  • the secure data may include trusted applications or trusted data and any contents of a secure memory. Known methods for effectively erasing data from memory may be used.
  • the secure virtual environment may be permanently locked, disabled, and/or deleted from the mobile device.
  • FIG. 21 illustrates an embodiment method 2200 for managing interactions between the user interface, the secure virtual environment, and a communications network.
  • the method 2200 may be implemented within a processor of a mobile device and the processor of a network server by configuring the processors with suitable processor-executable instructions to perform the operations of the method.
  • Operations in the columns labeled U/I (user interface) Display Level and Secure Virtual Environment may be implemented within the processor of a mobile device, and operations in the column labeled Communications Network may be implemented within the processor of a network server, such as an enterprise server under the control of the organization providing the corporate policies described above.
  • the mobile device may receive a user request for activation of the secure virtual environment.
  • This user input may be in the form of a user touching or clicking on an icon on the mobile device display, a drop down menu, or via any other selection method.
  • the secure virtual environment initializes.
  • the secure virtual environment may generate a user authentication prompt (e.g., a password entry window) that is passed to the user interface display rendering module.
  • the user authentication prompt may be used by the user interface display level to present the prompt on the display and await an authentication input.
  • the prompt may be in the form of a dialog box, a pop-up window, or any other form.
  • the user may be prompted to provide a variety of authentication inputs, including user ID, password, submission to a biometric sensor, or any combination thereof.
  • the user interface receives the user authentication inputs and passes the user authentication inputs to the secure virtual environment.
  • the secure virtual environment verifies the user using the received authentication inputs. Based on that verification, access may be granted to the secure virtual environment in block 2214.
  • the secure virtual environment may be presented on the display.
  • the mobile device may receive a user input indicating selection of a network based application via the user interface.
  • a network access request may be generated by the secure virtual environment.
  • the network access request may be communicated to the communications network at block 2222 via a communication layer of the mobile device. Since such communications may use any known data communication hardware and protocol, internal operations and messaging associated with establishing a communication link are not shown or further described.
  • the communications network i.e., a server coupled to the network
  • the secure virtual environment may receive the authentication request in block 2226.
  • the secure virtual environment may send a user authentication package for the user in the associated network back to the requesting server on the communication network.
  • the authentication package may be the user's name or ID and a code or key known only to the mobile device and the organization server which indicates that the mobile device has authenticated the user.
  • the authentication package may be some or all of the authentication inputs provided by the user.
  • the authentication package may include both a device authentication key and user authentication inputs.
  • the user authentication may be verified in block 2230. After verification of the user authentication, the communication network may permit access to the servers on the communication network in block 2232.
  • an encrypted data link may be established between the user interface and the communications network via the secure virtual environment, allowing the user to interact with the network via a secure data link.
  • the user interface may interact with the communications network via the secure data link. All interactions between the communications network and the user interface occur via the secure data link through the secure virtual environment at block 2242.
  • the secure virtual environment encrypts and decrypts data as necessary at block 2242. In this manner, only secure communication between the user and the network may occur.
  • the user interface may receive a request to terminate the secure virtual environment.
  • the user interface may also generate an automatic exit in block 2246, such as in response to user inactivity.
  • all data associated with the secure virtual environment may be deleted or encrypted by the secure virtual environment.
  • the secure virtual environment may terminate the secure data link.
  • the user may also be logged off from the communications network at block 2254.
  • the secure virtual environment may close. The user interface may then indicate that the non-secure operating system is implemented at block 2252.
  • FIG. 22 illustrates an embodiment method 2300 for enabling a secure virtual environment upon mobile device startup.
  • This method 2300 may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • a mobile device may be started.
  • the secure virtual environment may be started in the background as part of the mobile device startup routines.
  • the secure virtual environment may run in the background of the mobile device.
  • FIG. 23 illustrates an embodiment method 2400 that may be implemented inside the secure virtual environment for granting access to trusted applications without repeated user log-ins.
  • This method 2400 may be implemented within a processor of a mobile device by configuring the processor with suitable processor-executable instructions to perform the operations of the method.
  • a user selection of a trusted application may be received from the user interface.
  • the user input may be in the form of a user touching or clicking on an icon on the mobile device desktop, a drop down menu, or via any other selection method.
  • the trusted application may request a form of user authentication from the secure virtual environment.
  • This request for authentication by an application may occur for various reasons.
  • the application may include a security measure requiring user authentication before the application fully activates to prevent unauthorized users from using the application or to present a correct user profile.
  • this request for authentication may be in the form of a call to an authentication API supported by the secure virtual environment.
  • the authentication information may be provided by the secure virtual environment to the requesting application.
  • the secure virtual environment may provide the information directly to the trusted application such as by passing data to the application, indicating authentication in a predefined memory location, or in response to an authentication API call, and therefore prevents the user from having to directly provide information.
  • the opening of the trusted application may appear to be automatic to the user because the user is not notified that the trusted application required user authentication.
  • access may be granted to the trusted application.
  • the secure virtual environment automatically provisions user information and authentication to each trusted application because the secure virtual environment stores the user ID and login information. This saves the user time because they do not have to login to each individual application as it is selected.
  • the mobile device 2500 may include a processor 2502 coupled to internal memories 2510 and 2504.
  • Internal memories 2510 may be volatile or non-volatile memories, and may also be secure and/or encrypted memories, or unsecure and/or unencrypted memories, or any combination thereof.
  • the processor 2502 may also be coupled to a touch screen display 2506, such as a resistive- sensing touch screen, capacitive-sensing touch screen infrared sensing touch screen, or the like. Additionally, the display of the mobile device need not have touch screen capability.
  • the mobile device 2500 may have one or more antenna 2508 for sending and receiving electromagnetic radiation that may be connected to a wireless data link and/or cellular telephone transceiver 2516 coupled to the processor 2502.
  • the mobile device 2500 may also include physical buttons 2512 for receiving user inputs.
  • the mobile device 2500 may also include a power button 2518 for turning the mobile device 2500 on and off.
  • the processor 2502 may be any programmable microprocessor, microcomputer or multiple processor chip or chips that may be configured by software instructions
  • processors 2502 may be provided, such as one processor dedicated to wireless communication functions and one processor dedicated to running other applications.
  • software applications may be stored in the internal memory 2602, 2504, 2510, before they are accessed and loaded into the processor 2502, 2601.
  • the processor 2502, 2601 may include internal memory sufficient to store the application software instructions.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • a general-purpose processor may be a microprocessor, but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • circuitry that is specific to a given function.
  • the functions described may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored as one or more instructions or code on a non-transitory computer- readable medium. The steps of a method or algorithm disclosed herein may be embodied in a processor-executable software module which may reside on a non-transitory computer- readable storage medium. Non-transitory computer-readable storage media may be any available media that can be accessed by a computer.
  • non-transitory computer-readable media may include RAM, ROM, EEPROM, CD- ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that may be used to store desired program code in the form of instructions or data structures and that may be accessed by a computer.
  • Disk and disc includes compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk, and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of non-transitory computer-readable media.
  • the operations of a method or algorithm may reside as one or any combination or set of codes and/or instructions on a non-transitory machine readable medium and/or computer-readable medium, which may be incorporated into a computer program product.

Abstract

Procédés et appareils fournissant un environnement virtuel sécurisé à un appareil mobile pour traiter des documents et effectuer des activités sécurisées. Les procédés et appareils créent un environnement d'application sécurisé dans lequel les données et documents peuvent être séparés des données non sécurisées en utilisant un cryptage de document, permettant l'application des polices de sécurité sur l'environnement d'application sécurisé uniquement. La création d'un environnement d'application sécurisé permet aux utilisateurs d'accéder et de manipuler des données sécurisées sur n'importe quel appareil mobile, pas uniquement les appareils sécurisés spécifiquement désignés, sans avoir à sécuriser toutes les données sur l'appareil mobile, tout en fournissant la sécurité nécessaire du document à l'entreprise. Les procédés et appareils permettent de sécuriser les données d'un appareil mobile au niveau des données par cryptage.
EP12751210.1A 2011-08-10 2012-08-10 Procédé et appareil pour fournir un environnement virtuel sécurisé à un appareil mobile Active EP2742710B1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/207,134 US8949929B2 (en) 2011-08-10 2011-08-10 Method and apparatus for providing a secure virtual environment on a mobile device
PCT/US2012/050440 WO2013023179A1 (fr) 2011-08-10 2012-08-10 Procédé et appareil pour fournir un environnement virtuel sécurisé à un appareil mobile

Publications (2)

Publication Number Publication Date
EP2742710A1 true EP2742710A1 (fr) 2014-06-18
EP2742710B1 EP2742710B1 (fr) 2020-09-23

Family

ID=46750474

Family Applications (1)

Application Number Title Priority Date Filing Date
EP12751210.1A Active EP2742710B1 (fr) 2011-08-10 2012-08-10 Procédé et appareil pour fournir un environnement virtuel sécurisé à un appareil mobile

Country Status (7)

Country Link
US (1) US8949929B2 (fr)
EP (1) EP2742710B1 (fr)
JP (1) JP6014671B2 (fr)
KR (1) KR101571641B1 (fr)
CN (2) CN103733663A (fr)
IN (1) IN2014CN00388A (fr)
WO (1) WO2013023179A1 (fr)

Families Citing this family (90)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8650620B2 (en) 2010-12-20 2014-02-11 At&T Intellectual Property I, L.P. Methods and apparatus to control privileges of mobile device applications
US9339727B2 (en) 2011-06-15 2016-05-17 Microsoft Technology Licensing, Llc Position-based decision to provide service
US8843764B2 (en) 2011-07-15 2014-09-23 Cavium, Inc. Secure software and hardware association technique
US8700709B2 (en) 2011-07-29 2014-04-15 Microsoft Corporation Conditional location-based reminders
US20130045729A1 (en) * 2011-08-17 2013-02-21 Microsoft Corporation Location-based promotion of applications
US8918841B2 (en) * 2011-08-31 2014-12-23 At&T Intellectual Property I, L.P. Hardware interface access control for mobile applications
US8898459B2 (en) 2011-08-31 2014-11-25 At&T Intellectual Property I, L.P. Policy configuration for mobile device applications
US9489541B2 (en) * 2011-09-09 2016-11-08 Nvidia Corporation Content protection via online servers and code execution in a secure operating system
US10165007B2 (en) * 2011-09-15 2018-12-25 Microsoft Technology Licensing, Llc Securing data usage in computing devices
US9280377B2 (en) 2013-03-29 2016-03-08 Citrix Systems, Inc. Application with multiple operation modes
US9529996B2 (en) 2011-10-11 2016-12-27 Citrix Systems, Inc. Controlling mobile device access to enterprise resources
US9215225B2 (en) * 2013-03-29 2015-12-15 Citrix Systems, Inc. Mobile device locking with context
US8832799B2 (en) * 2011-10-31 2014-09-09 Motorola Mobility Llc Methods and apparatuses for hybrid desktop environment data usage authentication
US8893261B2 (en) * 2011-11-22 2014-11-18 Vmware, Inc. Method and system for VPN isolation using network namespaces
KR101947651B1 (ko) * 2012-03-21 2019-02-13 삼성전자주식회사 보안 모바일 웹 클라이언트 및 웹 서버 시스템
US20130254906A1 (en) * 2012-03-22 2013-09-26 Cavium, Inc. Hardware and Software Association and Authentication
CA2870283C (fr) 2012-04-13 2021-07-06 Ologn Technologies Ag Appareils, procedes et systemes pour transactions securisees automatisees
EP3561714B1 (fr) 2012-04-13 2022-05-04 OLogN Technologies AG Zone sécurisée pour communications numériques
US9432348B2 (en) 2012-04-20 2016-08-30 Ologn Technologies Ag Secure zone for secure purchases
CN103596170A (zh) * 2012-08-17 2014-02-19 中兴通讯股份有限公司 一种利用用户识别卡对终端进行加密的方法和系统
US8745755B2 (en) 2012-10-12 2014-06-03 Citrix Systems, Inc. Controlling device access to enterprise resources in an orchestration framework for connected devices
US9774658B2 (en) 2012-10-12 2017-09-26 Citrix Systems, Inc. Orchestration framework for connected devices
US8910239B2 (en) 2012-10-15 2014-12-09 Citrix Systems, Inc. Providing virtualized private network tunnels
CN104854561B (zh) 2012-10-16 2018-05-11 思杰系统有限公司 用于应用程序管理框架的应用程序封装
US20140108793A1 (en) 2012-10-16 2014-04-17 Citrix Systems, Inc. Controlling mobile device access to secure data
US9971585B2 (en) 2012-10-16 2018-05-15 Citrix Systems, Inc. Wrapping unmanaged applications on a mobile device
EP2914942B1 (fr) 2012-11-02 2023-06-14 Variable Inc. Système et procédé informatique destiné à la détection de couleur, au stockage et à la comparaison
US20140173692A1 (en) * 2012-12-15 2014-06-19 Sudharshan Srinivasan Bring your own device system using a mobile accessory device
US20140282543A1 (en) * 2013-03-15 2014-09-18 Ologn Technologies Ag Secure zone on a virutal machine for digital communications
WO2014141202A1 (fr) 2013-03-15 2014-09-18 Ologn Technologies Ag Systèmes, procédés et appareils de stockage et de fourniture sécurisés d'informations de paiement
US10284627B2 (en) 2013-03-29 2019-05-07 Citrix Systems, Inc. Data management for an application with multiple operation modes
US9413736B2 (en) 2013-03-29 2016-08-09 Citrix Systems, Inc. Providing an enterprise application store
US9355223B2 (en) 2013-03-29 2016-05-31 Citrix Systems, Inc. Providing a managed browser
US9985850B2 (en) 2013-03-29 2018-05-29 Citrix Systems, Inc. Providing mobile device management functionalities
KR102095912B1 (ko) * 2013-05-15 2020-04-02 삼성전자 주식회사 보안 기능 운용 방법 및 이를 지원하는 전자 장치
US9927995B2 (en) * 2013-06-19 2018-03-27 Telefonaktiebolaget Lm Ericsson (Publ) Method and an integrated circuit for executing a trusted application within a trusted runtime environment
US9948640B2 (en) 2013-08-02 2018-04-17 Ologn Technologies Ag Secure server on a system with virtual machines
US9674323B1 (en) * 2013-08-29 2017-06-06 Variable, Inc. Modular multi-functional device, method, and system
US10824756B2 (en) 2013-09-20 2020-11-03 Open Text Sa Ulc Hosted application gateway architecture with multi-level security policy and rule promulgations
US9674225B2 (en) 2013-09-20 2017-06-06 Open Text Sa Ulc System and method for updating downloaded applications using managed container
EP2851833B1 (fr) * 2013-09-20 2017-07-12 Open Text S.A. Architecture de passerelle d'application avec promulgations de politique et de règles de sécurité multiples niveaux
US9218494B2 (en) 2013-10-16 2015-12-22 Citrix Systems, Inc. Secure client drive mapping and file storage system for mobile device management type security
US9342331B2 (en) * 2013-10-21 2016-05-17 International Business Machines Corporation Secure virtualized mobile cellular device
US9729551B1 (en) * 2013-11-26 2017-08-08 Mobile Iron, Inc. Virtual mailbox
US9785794B2 (en) * 2013-12-12 2017-10-10 Citrix Systems, Inc. Securing sensitive data on a mobile device
US8886933B1 (en) * 2013-12-17 2014-11-11 Google Inc. Streamlined provisioning and configuration of computing devices
WO2015099698A1 (fr) * 2013-12-24 2015-07-02 Intel Corporation Protection de contenu pour données à la demande (daas)
US9311484B2 (en) 2014-01-09 2016-04-12 International Business Machines Corporation Enhanced security and resource utilization in a multi-operating system environment
US9697374B2 (en) * 2014-02-19 2017-07-04 Microsoft Technology Licensing, Llc Data proxy service
US9760710B2 (en) * 2014-02-28 2017-09-12 Sap Se Password recovering for mobile applications
US9774632B2 (en) * 2014-03-24 2017-09-26 Etas Embedded Systems Canada Inc. Management and distribution of security policies in a communication system
US9521116B2 (en) * 2014-06-11 2016-12-13 Verizon Patent And Licensing Inc. Apparatus, method, and system for securing a public wireless network
US9715597B2 (en) * 2014-09-25 2017-07-25 Mcafee, Inc. Data verification using enclave attestation
US9785999B2 (en) * 2014-10-02 2017-10-10 Coupa Software Incorporated Providing access to a networked application without authentication
US9507951B2 (en) * 2014-10-20 2016-11-29 Intel Corporation Technologies for secure input and display of virtual touch user interfaces
CN104331667B (zh) * 2014-10-24 2018-10-26 宇龙计算机通信科技(深圳)有限公司 基于双系统的数据保存方法及系统
US9767324B2 (en) 2014-11-22 2017-09-19 Intel Corporation Transparent execution of secret content
CN105762928B (zh) * 2014-12-15 2019-07-26 国家电网公司 一种储能电站监控系统
US10156477B2 (en) 2015-05-01 2018-12-18 Variable, Inc. Intelligent alignment system and method for color sensing devices
BR102015015270B1 (pt) * 2015-06-24 2022-11-29 Samsung Eletrônica Da Amazônia Ltda Método para fornecer um modo de segurança para aplicações de dispositivos móveis
US11593075B2 (en) 2015-11-03 2023-02-28 Open Text Sa Ulc Streamlined fast and efficient application building and customization systems and methods
KR102088290B1 (ko) * 2016-01-07 2020-03-12 한국전자통신연구원 보안 영역 기반의 신뢰서비스 제공 방법 및 이를 이용한 장치
US10419401B2 (en) * 2016-01-08 2019-09-17 Capital One Services, Llc Methods and systems for securing data in the public cloud
US11797706B2 (en) * 2016-02-09 2023-10-24 Health2047, Inc. Mobile device network traffic modification and user based restrictions on data access
DE102016210788B4 (de) * 2016-02-18 2023-06-07 Volkswagen Aktiengesellschaft Komponente zur Verarbeitung eines schützenswerten Datums und Verfahren zur Umsetzung einer Sicherheitsfunktion zum Schutz eines schützenswerten Datums in einer solchen Komponente
US11388037B2 (en) 2016-02-25 2022-07-12 Open Text Sa Ulc Systems and methods for providing managed services
US10498726B2 (en) * 2016-03-22 2019-12-03 International Business Machines Corporation Container independent secure file system for security application containers
US9769131B1 (en) 2016-08-02 2017-09-19 Architecture Technology Corporation Fast reconfiguring environment for mobile computing devices
US10592639B2 (en) 2016-09-06 2020-03-17 Intel Corporation Blockchain-based shadow images to facilitate copyright protection of digital content
GB2555569B (en) * 2016-10-03 2019-06-12 Haddad Elias Enhanced computer objects security
US10733284B2 (en) * 2016-10-06 2020-08-04 Samsung Electronics Co., Ltd. Trusted execution environment secure element communication
US10574689B1 (en) * 2016-10-06 2020-02-25 Hoyos Vsn Corp. Mitigating mobile OS intrusions from user space applications using secure services and biometric identification
JP2018106455A (ja) * 2016-12-27 2018-07-05 株式会社ケイエスジェイ 組み込み機器
TWI673667B (zh) * 2017-01-25 2019-10-01 楊建綱 內建智慧安全行動裝置
US11165825B2 (en) 2017-02-16 2021-11-02 Emerald Cactus Ventures, Inc. System and method for creating encrypted virtual private network hotspot
US11122013B2 (en) * 2017-02-16 2021-09-14 Emerald Cactus Ventures, Inc. System and method for encrypting data interactions delineated by zones
WO2018151851A1 (fr) * 2017-02-16 2018-08-23 Tenta, Llc Système et procédé d'établissement de réseaux privés virtuels cryptés simultanés à partir d'un dispositif informatique unique
US10819702B2 (en) * 2017-03-28 2020-10-27 Netapp, Inc. Methods and systems for providing wake-on-demand access to session servers
GB2561396B (en) * 2017-04-13 2020-07-15 Barclays Execution Services Ltd Data security using two operating environments operating in parallel
CN107229863A (zh) * 2017-06-12 2017-10-03 济南浪潮高新科技投资发展有限公司 一种安全运行环境虚拟方法
KR20190044815A (ko) * 2017-10-23 2019-05-02 삼성전자주식회사 보안 서비스 제어를 위한 시스템 및 그의 동작 방법
CN110362976B (zh) * 2018-04-11 2021-05-07 旭景科技股份有限公司 生物识别安全装置
CN110765439B (zh) * 2018-08-17 2023-01-31 安天科技集团股份有限公司 一种移动存储加密认证的方法、装置及存储介质
US10746599B2 (en) 2018-10-30 2020-08-18 Variable, Inc. System and method for spectral interpolation using multiple illumination sources
US11586750B2 (en) * 2019-03-21 2023-02-21 Blackberry Limited Managing access to protected data file content
FR3100901B1 (fr) * 2019-09-12 2021-08-27 Stmicroelectronics Grand Ouest Sas Système de protection de la mémoire
US11012326B1 (en) * 2019-12-17 2021-05-18 CloudFit Software, LLC Monitoring user experience using data blocks for secure data access
CN111756718B (zh) * 2020-06-15 2022-09-30 深信服科技股份有限公司 终端及访问方法、系统、服务器和计算机可读存储介质
US11716355B1 (en) 2020-11-24 2023-08-01 Wells Fargo Bank, N.A. Company controlled virtual computer over a network
FR3128040B1 (fr) * 2021-10-08 2023-10-27 Cyferall Application de sécurité pour un dispositif informatique, système de sécurité et architecture de sécurité correspondante

Family Cites Families (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040163087A1 (en) * 2003-02-14 2004-08-19 Carl Sandland Computer program code and method for delivering external data to a process running on a virtual machine
US8074266B2 (en) * 2004-08-20 2011-12-06 Mitsubishi Electric Corporation Memory card, data exchange system, and data exchange method
JP4811271B2 (ja) * 2004-08-25 2011-11-09 日本電気株式会社 情報通信装置及びプログラム実行環境制御方法
CN100388666C (zh) * 2004-12-09 2008-05-14 腾讯科技(深圳)有限公司 一种数据传输过程的控制方法及系统
US8060683B2 (en) * 2004-12-17 2011-11-15 International Business Machines Corporation System, method and program to preserve a cache of a virtual machine
US7823214B2 (en) * 2005-01-07 2010-10-26 Apple Inc. Accessory authentication for electronic devices
US7693838B2 (en) * 2005-11-12 2010-04-06 Intel Corporation Method and apparatus for securely accessing data
US7984109B2 (en) 2006-02-24 2011-07-19 Qualcomm Incorporated System and method for storing and accessing data files at wireless devices
US7779252B2 (en) 2006-03-21 2010-08-17 Harris Corporation Computer architecture for a handheld electronic device with a shared human-machine interface
GB2440170B8 (en) 2006-07-14 2014-07-16 Vodafone Plc Digital rights management
US8126506B2 (en) * 2007-02-14 2012-02-28 Nuance Communications, Inc. System and method for securely managing data stored on mobile devices, such as enterprise mobility data
JP4987555B2 (ja) * 2007-04-27 2012-07-25 株式会社東芝 情報処理装置、および情報処理システム
EP2183695B1 (fr) * 2007-07-20 2014-11-12 Nxp B.V. Dispositif équipé d'une machine virtuelle sécurisée
US8769268B2 (en) * 2007-07-20 2014-07-01 Check Point Software Technologies, Inc. System and methods providing secure workspace sessions
US8554176B2 (en) * 2007-09-18 2013-10-08 Qualcomm Incorporated Method and apparatus for creating a remotely activated secure backup service for mobile handsets
US9003173B2 (en) 2007-09-28 2015-04-07 Microsoft Technology Licensing, Llc Multi-OS (operating system) boot via mobile device
JP2009169841A (ja) * 2008-01-18 2009-07-30 Panasonic Corp 情報処理装置および携帯電話装置
JP2009223776A (ja) * 2008-03-18 2009-10-01 Univ Of Tsukuba 情報処理システム及び情報処理システム用プログラム並びにクライアント装置のアクセス制御方法
KR101331032B1 (ko) * 2008-07-30 2013-11-19 삼성전자주식회사 가상화 환경과 결합된 어플리케이션 실행 방법
US8468535B1 (en) * 2008-09-23 2013-06-18 Gogrid, LLC Automated system and method to provision and allocate hosting resources
US9026918B2 (en) * 2008-10-16 2015-05-05 Accenture Global Services Limited Enabling a user device to access enterprise data
JP2010097567A (ja) * 2008-10-20 2010-04-30 Hitachi Ltd デバイス接続制御方法
JP2010257289A (ja) * 2009-04-27 2010-11-11 Nec Corp 通信装置、通信装置の制御方法、およびプログラム
US8107927B2 (en) 2009-06-18 2012-01-31 T-Mobile Usa, Inc. Dedicated memory partitions for users of a shared mobile device
US8302094B2 (en) * 2009-06-26 2012-10-30 Vmware, Inc. Routing a physical device request using transformer stack to an equivalent physical device in a virtualized mobile device
WO2011007017A1 (fr) 2009-07-13 2011-01-20 Zitralia Seguridad Informática, S.L. Dispositif électronique de génération d'un environnement sécurisé
US8689213B2 (en) * 2009-12-14 2014-04-01 Citrix Systems, Inc. Methods and systems for communicating between trusted and non-trusted virtual machines
US8307169B2 (en) * 2011-03-10 2012-11-06 Safenet, Inc. Protecting guest virtual machine memory
US10503343B2 (en) * 2011-07-06 2019-12-10 Microsoft Technology Licensing, Llc Integrated graphical user interface

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2013023179A1 *

Also Published As

Publication number Publication date
JP2014525612A (ja) 2014-09-29
KR101571641B1 (ko) 2015-11-24
US8949929B2 (en) 2015-02-03
JP6014671B2 (ja) 2016-10-25
CN110598395A (zh) 2019-12-20
EP2742710B1 (fr) 2020-09-23
CN103733663A (zh) 2014-04-16
KR20140058623A (ko) 2014-05-14
US20130042295A1 (en) 2013-02-14
WO2013023179A1 (fr) 2013-02-14
IN2014CN00388A (fr) 2015-04-03

Similar Documents

Publication Publication Date Title
US8949929B2 (en) Method and apparatus for providing a secure virtual environment on a mobile device
US11818129B2 (en) Communicating with client device to determine security risk in allowing access to data of a service provider
CN112513857A (zh) 可信执行环境中的个性化密码安全访问控制
US9628448B2 (en) User and device authentication in enterprise systems
US9516066B2 (en) Rights management services integration with mobile device management
US10785230B1 (en) Monitoring security of a client device to provide continuous conditional server access
EP3192002B1 (fr) Préservation de la protection des données à l'aide d'une politique
US10749877B1 (en) Performing a security action in response to a determination that a computing device is lost or stolen
US8261093B1 (en) System, method, and computer program product for disabling a communication channel during authentication
KR20160043029A (ko) 보안 인증 및 암호화된 도메인들로의 스위칭
US10032044B2 (en) Multi-party authentication and authorization
US9323911B1 (en) Verifying requests to remove applications from a device
Campagna et al. Mobile device security for dummies
US11232220B2 (en) Encryption management for storage devices
EP3817327A1 (fr) Surveillance de la sécurité d'un dispositif client pour fournir un accès conditionnel continu au serveur
US10756899B2 (en) Access to software applications
Gorbāns et al. The Myths of and Solutions for Android OS Controlled and Secure Environment
Vigo, Jr Inside Job

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20140115

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20180209

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

INTG Intention to grant announced

Effective date: 20200403

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE PATENT HAS BEEN GRANTED

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602012072455

Country of ref document: DE

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 1317665

Country of ref document: AT

Kind code of ref document: T

Effective date: 20201015

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201223

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201224

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201223

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 1317665

Country of ref document: AT

Kind code of ref document: T

Effective date: 20200923

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

REG Reference to a national code

Ref country code: NL

Ref legal event code: MP

Effective date: 20200923

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20210125

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20210123

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602012072455

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

26N No opposition filed

Effective date: 20210624

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20210831

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210831

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210831

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210810

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210810

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210831

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20120810

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20200923

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20230712

Year of fee payment: 12

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20230710

Year of fee payment: 12

Ref country code: DE

Payment date: 20230711

Year of fee payment: 12